package com.xo.xodemo.springsecurityconfig;


import com.xo.xodemo.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Value("${logoutAddress}")
    private String logoutAddress;
    @Autowired
    private UserService userService;
    @Autowired
    private ValidateCodeFilter validateCodeFilter;
    @Autowired
    private CustomAuthenticationFailureHandler customAuthenticationFailureHandler;
    @Autowired
    private CustomAuthenticationSuccessHandler customAuthenticationSuccessHandler;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //允许登录
//        http.formLogin().loginPage("/login").permitAll().and().rememberMe().tokenValiditySeconds(600 * 600);
        http.formLogin().loginPage("/login").permitAll();
        http.formLogin().loginProcessingUrl("/tologin");
        http.formLogin().failureHandler(customAuthenticationFailureHandler);
        http.formLogin().successHandler(customAuthenticationSuccessHandler);
        http.logout().logoutSuccessUrl(logoutAddress);
        // 禁止csrf
        http.cors().and().csrf().disable();
        // 超时回到登录页面
        http.sessionManagement().invalidSessionUrl("/login?error=timeout");
        //加入验证码过滤器
        http.addFilterBefore( validateCodeFilter, UsernamePasswordAuthenticationFilter.class);
        //允许登出
        http.logout().permitAll();
        //允许静态资源访问
        http.authorizeRequests().antMatchers("/goodsshow").permitAll();
        http.authorizeRequests().antMatchers("/goodsreturn").permitAll();
        http.authorizeRequests().antMatchers("/QrCode/build").permitAll();
        http.authorizeRequests().antMatchers("/QrCode/buildnew").permitAll();
        http.authorizeRequests().antMatchers("/QrCode/getpaystatus").permitAll();
        http.authorizeRequests().antMatchers("/layui/**").permitAll();
        http.authorizeRequests().antMatchers("/echarts/**").permitAll();
        http.authorizeRequests().antMatchers("/bootstrap/**").permitAll();
        http.authorizeRequests().antMatchers("/jquery/**").permitAll();
        http.authorizeRequests().antMatchers("/img/**").permitAll();
        http.authorizeRequests().antMatchers("/code/img").permitAll();
        http.authorizeRequests().antMatchers("/process/fillResult").permitAll();  // E签宝暂时无用
        http.authorizeRequests().antMatchers("/process/fileDownloadUrl").permitAll();  // E签宝下载
        http.authorizeRequests().antMatchers("/process/postContract").permitAll();  // E签宝发起签署
        http.authorizeRequests().antMatchers("/process/contracts").permitAll();  // E签宝获取合同列表
        http.headers().frameOptions().disable();
        //其他的需要登录才能访问
        http.authorizeRequests().anyRequest().authenticated();
//        http.authorizeRequests().anyRequest().permitAll();



    }

    //定义认证规则
    @Override
    protected void  configure(AuthenticationManagerBuilder auth) throws Exception {
       //BCrypt加密
        auth.userDetailsService(userService).passwordEncoder(new BCryptPasswordEncoder());

    }

}